EMV-Softwares-malware-list
EMV-Softwares-malware-list copied to clipboard
Published
20 hours ago •
Xyl2k
Xyl2k
A non-exhaustive list of hacktools related to EMV fraud
Hacktool:Win32/EMVSoft malware list
Gallery with hashes of samples related to fraud softwares who aim to clone credit card datas on EMV chip.
Who is this page aimed at?
Myself:
I wasted a whole week-end building this list to see what look like the 'emv fraud landscape' for fun, and also to have a trace of which name correspond to which hash.
Malware Analysts / RE / Security people:
If you are curious about how that kind of things work (how they handle smart cards, code similarities, etc..), you have here a list of +100 hashes to beggin your investigations. There is before each hash a quick link access to their virustotal scan report, and also a hybrid-analysis and any.run link. (HA and AR may return 404 error if they haven't already stumbled across the sample of interest.)
May hopefully someone find one or two useful gems, but i doubt (just my two cents, i already analyzed them and most of theses 'softs' are mostly copycat if not 'ressource hacked' of each others relying on GPShield and a 'macgyver.cap'. You may want to have a look on @fboldewin presentation: MacGyver's return - An EMV Chip cloning case who basically explain "why?" and "how?"
Who is this page NOT aimed at?
Carders / Lamers:
No download here, don't ask and move along, this is merely for information purposes only.
Anyone else:
If somehow you ran across a sample listed here :exclamation: DO NOT EXECUTE IT :exclamation: consider yourself infected if you did.
EMVStudio:
hashes:
- ☣ [HA] [VT] [AR]
7a0a07959f3629cafbcb8827715f931e533ba7894e8a3bc42df95fcfcc0bd584EMVStudio v1.1.3 - ☣ [HA] [VT] [AR]
83262e3fbea3a3c373c706ff71864066d52acaf63affafc12b7da6d74b95e302EMVStudio v1.1.3, cracked ver - ☣ [HA] [VT] [AR]
52c89dbef55bd526def42ab9dbb04a2a02dac17cd4b4c0af7177ac61dd8f4297EMVStudio v1.1.3, cracked ver - ☣ [HA] [VT] [AR]
050847f886f9df20c5d99a1cd2edffa478fedacaa433f7b17139fe66ab7b810aEMVStudio v1.1.3, cracked ver - ☣ [HA] [VT] [AR]
ce9187aa45f3f33e6f87a4dfcfa67308251970ca3d4e187bf9bb675c16942384EMVStudio v1.1.2 - ☣ [HA] [VT] [AR]
469786c4420d1316287d13f959c65e7eedd396e2d28d49a81e17f843f7dd3d33EMVStudio v1.1.1 - ☣ [HA] [VT] [AR]
8d6dacff8a098b8d02202e8c6a4a65bbe20b332ba58d6165cca6f958187864c4EMVStudio Trial v1.0
ShadeStudio:
hash:
ARQC TOOL PLUS:
hash:
- ☣ [HA] [VT] [AR]
e13c0b718728fc30762eb68e59d92308e0e66efa06b70fae1ea1f65e32d4344aARQC TOOL PLUS v1.0
Matrix:
hashes:
- ☣ [HA] [VT] [AR]
fee2dd31e457776e501049191811f208d2b02bfd4071a801664ffd4ee2bac80cmatrix v? (pass: 1qa2ws3ed4rf) - ☣ [HA] [VT] [AR]
87678c6dcf0065ffc487a284b9f79bd8c0815c5c621fc92f83df24393bfcc660matrix v? cracked ver
Matrix Alternate (1):
hash:
- ☣ [HA] [VT] [AR]
5d00faaccc0e9a7c3fc1eb16266f33a5c1e99b870e7454c47f42305e2cdfc564matrix v? (user: admin, pass: ewqdsacxz)
Matrix Alternate (2):
hash:
- ☣ [HA] [VT] [AR]
e7c0a5985f067e319248127643e3d2b3ea72401717c9357db706c84afca44ebdmatrix alternate(2)
B.R Smart Card writer v9:
hashes:
- ☣ [HA] [VT] [AR]
aea36d94e8a8deb91b0dbf84554e57b59d112c86a9261ac79d5cae9e9cb96bf8X.exe - ☣ [HA] [VT] [AR]
d88921df9456682cfcbad03991fdb2d60eade3bd1d81d97616761fceef74625d"v9" - ☣ [HA] [VT] [AR]
4d02db9e8e4b83665b5bb4b6ad959478d81260706c9a57d68fa44c6b17e2264fB.R v6.0 - ☣ [HA] [VT] [AR]
737b5f8110634e4bbd06834bd2f2e3f5c139c548def54007daa2c433ae682ba2B.R v5.0 - ☣ [HA] [VT] [AR]
50edc7d9458e34802dc5e62a942b66fd801c338a643e33afe66a3e314d5be096B.R v2.0 - ☣ [HA] [VT] [AR]
77a8f671bf8bdccd3ee8682469ec0bc098b096398745c8b0bf084fa293f13c59EMV Mexico 2018
Jcophiro:
hashes:
- ☣ [HA] [VT] [AR]
c0d11ed2eed0fef8d2f53920a1e12f667e03eafdb2d2941473d120e9e6f0e657base version - ☣ [HA] [VT] [AR]
1ecfd3755eba578108363c0705c6ec205972080739ed0fbd17439f8139ba7e08reshacked english version - ☣ [HA] [VT] [AR]
c23411deeec790e2dba37f4c49c7ecac3c867b7012431c9281ed748519eda65creshacked version 'flamigo' - ☣ [HA] [VT] [AR]
04f0c9904675c7cf80ff1962bec5ef465ccf8c29e668f3158ec262414a6cc6ebflamingo reshack 'UK 2018' - ☣ [HA] [VT] [AR]
c23411deeec790e2dba37f4c49c7ecac3c867b7012431c9281ed748519eda65cflamingo reshack 'credit UK' - ☣ [HA] [VT] [AR]
1cc8a2f3ce12f4b8356bda8b4aaf61d510d1078112af1c14cf4583090e062fbeflamingo reshack 'China' - ☣ [HA] [VT] [AR]
247484124f4879bfacaae73ea32267e2c1e89773986df70a5f3456b1fb944c58flamingo reshack 'Canada' - ☣ [HA] [VT] [AR]
7335cd56a9ac08c200cca7e25b939e9c4ffa4d508207e68bee01904bf20a6528flamingo reshack 'Argentina' - ☣ [HA] [VT] [AR]
af542ccb415647dbd80df902858a3d150a85f37992a35f29999eed76ac01a12bflamingo reshack 'Japan' - ☣ [HA] [VT] [AR]
bb828eb0bbebabbcb51f490f4a0c08dd798b1f350dddddb6c00abcb6f750069fflamingo reshack 'USA'
X2:
hashes:
- ☣ [HA] [VT] [AR]
76d11132b4ec7cabbbf1c674d2f52ad2b54ab71bc0567923af686be470fdcff3X2 - ☣ [HA] [VT] [AR]
1265a4c2248049fa1cb6303760295ac2a12f60f921ffc9a565350440933337d1X2 5.1 - ☣ [HA] [VT] [AR]
f5bf73b9308232aa7afd5730dfc2b7b0169884abe6df02c5768165ae5ea3bee6X2 "2021 emv_alpha" - ☣ [HA] [VT] [AR]
08e54f245fdf449f538439c71e53253572ff8066ed862cedab065d858630fefeX2 "2020 emv_alpha trial" - ☣ [HA] [VT] [AR]
10d8998094e9bdd9951a2edcc9cec3540628712b325682b21dba02b6650d97c9X2 "2021 emv_alpha" cracked
X2Gold:
hash:
X2A:
hashes:
- ☣ [HA] [VT] [AR]
da012c9b8ceceada9eb4db6b2de253cba1b2612ff5dc38c76ab0fd3784fc9640X2A - ☣ [HA] [VT] [AR]
fffc5da33ab43a787a1126db58901913b0019107c9bcaf4c7cd40a793787691dX2A (nfc design) - ☣ [HA] [VT] [AR]
6cb6a3e75965ebacf1f6d72096a90e9d80be6d1c9d6ebd7dd9453992140a9d5cX2A (mr_emv trial)
X1:
hashes:
- ☣ [HA] [VT] [AR]
6f24acf9a3ed15b5ef034460850679d7e9df1233386a36fc0a4b787844ee2e2eX1 v5.0 - ☣ [HA] [VT] [AR]
2b924e13e705ecf9ea9199c6011dc4bd1d9160bffd1d6db0e5b0e0f40c01f47cX1 v4.1 - ☣ [HA] [VT] [AR]
bbfaf2eeeaedb9a9010e8f063a1a9a7f6b40f4d5b2ad5a62c649ab1d56edffa7X1 v1.1 - ☣ [HA] [VT] [AR]
e3db277da551621b102ac5ee545e772aa25799fa941c1e06bbc69fe4142af7cfX1 'Toronto' (reshacked X1 v1.1)
coded-by-codex Basico:
hash:
coded-by-codex Completo:
hash:
coded-by-codex Debito Caixa:
hash:
coded-by-codex amex:
hash:
coded-by-codex ultimation:
hash:
Gravador HSBC:
hash:
SmartCard GoldMetal:
hash:
ChipSet:
hashes:
- ☣ [HA] [VT] [AR]
93aa356e2212799dbe1d6f260c5bb17d1912857a8e0a3c058ff6382d62e7c7dfChipSet v2.0 - ☣ [HA] [VT] [AR]
4725c1a75d4d348299319815a073b141e22bff0ef1ace32f754f4e2946908ef4ChipSet v1.4
NFC&EMV Tool:
hash:
EMV Break:
hash:
EMV Reader Writer Software:
hashes:
- ☣ [HA] [VT] [AR]
fa0b96585c598c5601ed557d5917033b918d98eb53ddf7b9e7c71e34f99b0449EMV Reader Software v8.6 - ☣ [HA] [VT] [AR]
8bd2de3a163f9643431328a81b09b9f1fa6d8fd38af09286e8ff74d52da4e60cEMV Reader Software v8.6 - ☣ [HA] [VT] [AR]
2d74fae5d29f1cd8bb9a95414a44a4b0ed8729d7cd8644312a7ca559b1fc5a0aEMV Reader Software v8.6 source
hash:
- ☣ [HA] [VT] [AR]
dc32698c13de42e87913c6d90939186a56ca4586e0397df52ed85e47443ceef4EMV Reader Writer Software v8
MSR 2006 Chip Recorder:
hashes:
- ☣ [HA] [VT] [AR]
68d123933092cf18657978600eb390f0a407f4c71bb6db4eda657d1a23ac2e67MSR 2006 Chip Recorder - ☣ [HA] [VT] [AR]
d8ef05240595fce54791516bcf9dc683b9fc1c2e9aa9886909525678d139b4fdcomponent - ☣ [HA] [VT] [AR]
b0d2623d6ea35fbfa1195f3cb28339ad040aa9e2cf012f00b93668bb4ae1240bMSR 2006 Chip Recorder - ☣ [HA] [VT] [AR]
456925d8dc4b450c6f17a372cccc4ee3db54734ce20bf4fb60c69b98f270b7ddMSR 2006 Chip Recorder
Bradesco Express:
hash:
- ☣ [HA] [VT] [AR]
901254cd4a8a9ecd87403f7297e66a372ead8927806157ac3baf606587a5a0aaBradesco Express 1.0
Gravador GÃMA BR:
hash:
- ☣ [HA] [VT] [AR]
91765b49db91ed82c1be406f840eef0388260b69a8f0eb18fd7a365de014fd05Gravador GÃMA BR v2.4.1 build 1
Conversor CodexCoderBr:
hash:
- ☣ [HA] [VT] [AR]
ad0cb70ff91a6d57abf85b0366cda6275dfc0ce6ace0552d8f9f4c6ef869ef79Conversor CodexCoderBr, (infected)
Booster Chip Recorder:
hash:
- ☣ [HA] [VT] [AR]
954d15d0e1610577ebb0bce826be7cf19876f52ffd207323714dbcc9fac8aa27Booster Chip Recorder
ToRra Writer:
hashes:
- ☣ [HA] [VT] [AR]
58694247857b3046eadb9a3601e1b5d8ce0dfedec8f3a9d8555021ea16e202a5ToRra Writer v2.0 - ☣ [HA] [VT] [AR]
463282e7826735dd78c1333316d92cf61261b7a17474f8b3f3f13df22a4716abToRra Writer v1.0 - ☣ [HA] [VT] [AR]
796820869c84b330818ec817bef7e3ef3b4c4046bbe6ae359d6922f1c0499c72ToRra Writer v1.0 source
Gravador caixa:
hash:
- ☣ [HA] [VT] [AR]
93376dbad75fdbc3db631fed30bc31e6e2a7616aefbf6a0d90048d8f5160d609Gravador caixa 1.6b
Chipso emv solution:
hashes:
- ☣ [HA] [VT] [AR]
23c8685dd5c34b5411e7f49f9ef52f234e76d4343aef9ee80410ab1013fc7f40Chipso emv solution v1.0 - ☣ [HA] [VT] [AR]
99617961d69b524ad07987e1cd0b477fef6360266a8d5759805677732cdc0b7eChipso emv solution v1.0 cracked ver
Chips:
hash:
- ☣ [HA] [VT] [AR]
ba04e63944653a69adf4cd74cf24e08dac96c010145cef6c5a10b6f52b3778cfChips, (pass: juNior24)
CATR:
hashes:
- ☣ [HA] [VT] [AR]
062ddcade243591785e01576605bdb4e2fe9618b76ef60d91bf30c9589f9132dCATR v0.6 - ☣ [HA] [VT] [AR]
2b42443253532b5b3ed05c3e8c8809d03c3a22950ee36b8b68b881cadb708b7aCATR v1.3 - ☣ [HA] [VT] [AR]
7b8d4b10da193ea0c7da143b22d37f901ccdb8368f8b3598957717433bc34d19CATR v2.7 - ☣ [HA] [VT] [AR]
9fc04ee9e6ff5f71f1a796faa250699da9582c512f4703570d4c3ae9da757ed3CATR v2.8 - ☣ [HA] [VT] [AR]
1e2ebeda666bc0dda2e9cdf08275ecc818dee9252309930a6142b759bf135c8dCATR v2.9 - ☣ [HA] [VT] [AR]
06d54f7942a9f03472e484ab35b7dada387aff1d4924588974c0ec437e7eb246CATR v3.1 - ☣ [HA] [VT] [AR]
435e897f8bcfceaa0fbb1a4b0feab3ff9c6bea686b01cd4075061e06a07cc45eCATR v3.2 - ☣ [HA] [VT] [AR]
c422beb6fda49e3de3d63ee21f3051010a9ad95fd8b9d318c2f316123e956619CATR v3.3 - ☣ [HA] [VT] [AR]
515bbf3df2b64ee47cf1fa1d941071ecb146129ad51e1cc7bbd9c12b605fa04dCATR v3.4 - ☣ [HA] [VT] [AR]
06a284b3ac5d648edf2fc7c9053207046705bea1d88811898b2367ca4978ae39CATR v3.5 - ☣ [HA] [VT] [AR]
1a488d456efb1ce742ecc24ebadc46a262c751cbec58e673087c25581134b5bfCATR v3.5.3 - ☣ [HA] [VT] [AR]
ce8714dcf9abf17bfc7781cd48502c5c9edf40c9b6aefbd7bcac17e4aa289859CATR v3.5.4 - ☣ [HA] [VT] [AR]
ce9468d43785fb9c8fc4c007d89312fb1dc5afcb495ef6d4c1cd2b4a5347c9c5CATR v3.6.1 - ☣ [HA] [VT] [AR]
0dd2f67eebadeb44160412e8ff67991551f27c8801fad381f2261df9288188a7CATR v3.6.2 - ☣ [HA] [VT] [AR]
f1073b97ef17fbda139e883aa234e843359a71fe80a4d2389d129ec80511ad8fCATR v3.6.5 - ☣ [HA] [VT] [AR]
73b7f65be1873b03300f370b7da2ae695ac47ed028fdabb726d46d6787593d09CATR v3.6.6 - ☣ [HA] [VT] [AR]
a75415c8b085247e59ed34efed3fb9b4f250bf331af816558521886416dc9f64CATR v3.7.4 - ☣ [HA] [VT] [AR]
965547e45fd4964ae19dedcadf70cfc4201a0b949e2be3ae35b45e88b867b1b9CATR v3.7.5 - ☣ [HA] [VT] [AR]
0b6fc7b1ffd0dad8550b8cb8e1d182bc1cb60bf983f67e896b26b4df1b479919CATR v3.7.9 - ☣ [HA] [VT] [AR]
d809ae9cf65c3ccfe6e4870768b516d48a0758458bc1840159aff4602730b153CATR v3.8.0 - ☣ [HA] [VT] [AR]
8b641002f7abb02bc412b838c44bd6ec89d5f814869ca6fe2c74c03d2f15a9f6CATR v3.8.2 - ☣ [HA] [VT] [AR]
926aa04a90b50b7789e83c6dc10e13dfbc3219915977561350ace843a4cbe72aCATR v3.8.3
ARQC gen:
hash:
- ☣ [HA] [VT] [AR]
e8adb2af6bd57c0ed2f5bc06891acb370a29d0b7e791c9061e8e3765104aaf23ARQC gen - ☣ [HA] [VT] [AR]
f7fc2dc47c089ede31b9842bcb793710a0e8bb03bd1861f612df5e518ce2d905source
Create Code:
hash:
Banco do brasil:
hashes:
- ☣ [HA] [VT] [AR]
55741435ead26e8ba8ce023eed9d50612e97d8bb1ae5ef23607633a567b84ad2Banco do brasil Alternate
Converter em Chipada:
hash:
- ☣ [HA] [VT] [AR]
f6e5968e556e88fd224c692d9c20263d7f0cfce565fffdfd0ea1940d255a64bfConverter em chipada
Systema de gravacao:
hashes:
- ☣ [HA] [VT] [AR]
0e61aa8f5c5fde5ae4242f85f7ce49d5d86cc1ae8a45b0c39598938946fb8f7bSystema de gravacao - ☣ [HA] [VT] [AR]
2ad2b6bde18b2a251eece6c2c5e992874245c0fefa5aaf1e207514940d9d9327Systema de gravacao, pass: silvano123 - ☣ [HA] [VT] [AR]
1db0904982376a95443eec17aa270b19709a09227c99213aaf10f03c0eb97920Systema de gravacao
jeff conversor:
hashes:
- ☣ [HA] [VT] [AR]
07485136d4e532a4ca85ddab3eec1a37185b55e025906f308872bfd91026cf4bjeff conversor v0.05a - ☣ [HA] [VT] [AR]
820f45fe41b012555bb59f18458d9a23363cb9fa79afd49dec8503e70ecf27e2jeff conversor v0.002
Gravador jeff:
hashes:
- ☣ [HA] [VT] [AR]
bb39afcce00747197e0332ca1e69b18488ea40e62b083a499fb53795e1ef0989Gravador jeff v0.06
Hiper Beta:
hashes:
- ☣ [HA] [VT] [AR]
fff9b5e85c4eb0620d01c596760049aae9db7999cacad8d3bc9adb27aef0b5f2Hiper Beta - ☣ [HA] [VT] [AR]
4b263db682c1d33d7b8fe9a29343241194f4c1ca38727a8b493ede23b1294b0dAmex Beta
JCOPTool:
hashes:
- ☣ [HA] [VT] [AR]
3726dabfa9cb8401d81330b09f7782f04d790ec959168c3a4b56c1d14f160e28JCOPTool 1.0 (pass: 123456) - ☣ [HA] [VT] [AR]
6eb913a880274b95173780d68eab2b34608a0da41a4892b018227f51d4970978JCOPTool 1.0 (pass: 123456)
Gravando sistema:
hash:
Changer:
hashes:
vMaster:
hash:
Smart:
hash:
SmartProg:
hash:
- ☣ [HA] [VT] [AR]
75e4bb528163d41e54716264854d5cd4d8d3c458bf2e975ecbb1efb707c03a9bSmartProg, pass: " " (just press spacebar one time.)
EMV Writer:
hash:
- ☣ [HA] [VT] [AR]
d0e9851bbb3a250c0404d461a7a71a53dddcba14f5be29b6e09ff2919f5b8800EMV Writer - ☣ [HA] [VT] [AR]
305c0d9264d0411a5a3845055280eea86f9929d165359409153bbe7f0dddc92bEMV Writer cleaned
ATRToolUltimate:
hash:
- ☣ [HA] [VT] [AR]
b3b6085b6706ef90eadba2e48877677d06fa3a6df7c2df5c94773aa7e8b8c1dfATRToolUltimate 1.0
ISTTool:
hash:
ATRtool:
hashes:
- ☣ [HA] [VT] [AR]
331fc48d8c73d53568e5f9f62692fea9bb82c016a7af5b8b02b4d4a678503b77ATRtool v3.0 - ☣ [HA] [VT] [AR]
8a3a3358eb344235a7948179bdea5e1f5df26a8dd15762e691cc8b0d3f0a39d8ATRtool v2.0 - ☣ [HA] [VT] [AR]
3e8c1e150ce6955174edb0b9e82bef5a6004982469caad0722e0ade0ff93ecb8ATRtool v1.0
Smart Card System:
hash:
POS Simulator:
hash:
Xyl2k